PLAT-570 - move the config file to YAML

cmd/moroz/main.go

@@ -68,12 +68,12 @@ func main() {
 
 	if _, err := os.Stat(*flTLSCert); *flUseTLS && os.IsNotExist(err) {
 		logging.Logger.Log("level", "info", "msg", openSSLBash)
-		logging.Logger.Log("level", "info", "msg", "you need to provide at least a 'global.toml' configuration file in the configs folder. See the configs folder in the git repo for an example")
+		logging.Logger.Log("level", "info", "msg", "you need to provide at least a 'global.yaml' configuration file in the configs folder. See the configs folder in the git repo for an example")
 		os.Exit(2)
 	}
 
 	if !validateConfigExists(*flConfigs) {
-		logging.Logger.Log("level", "error", "msg", "you need to provide at least a 'global.toml' configuration file in the configs folder. See the configs folder in the git repo for an example")
+		logging.Logger.Log("level", "error", "msg", "you need to provide at least a 'global.yaml' configuration file in the configs folder. See the configs folder in the git repo for an example")
 		os.Exit(2) // Exit with a specific status code
 	}
 
@@ -143,7 +143,7 @@ func validateConfigExists(configsPath string) bool {
 	if _, err := os.Stat(configsPath); os.IsNotExist(err) {
 		hasConfig = false
 	}
-	if _, err := os.Stat(configsPath + "/global.toml"); os.IsNotExist(err) {
+	if _, err := os.Stat(configsPath + "/global.yaml"); os.IsNotExist(err) {
 		hasConfig = false
 	}
 	if !hasConfig {

configs/global.yaml

@@ -0,0 +1,13 @@
+allowed_path_regex: "^(?:/Users)/.*"
+batch_size: 100
+enable_all_event_upload: true
+enable_bundles: false
+enable_transitive_rules: true
+
+full_sync_interval: 600
+
+rules:
+  - rule_type: "BINARY"
+    policy: "ALLOWLIST"
+    identifier: "821a693e3b6c7ddb1911726ea63c7dce8a88219ca4d7cd1c137ce5423f34b722"
+    custom_msg: "moroz server"

go.mod

@@ -1,21 +1,18 @@
 module github.com/groob/moroz
 
-go 1.20
+go 1.21
+
+toolchain go1.23.1
 
 require (
-	github.com/BurntSushi/toml v0.2.0
-	github.com/go-kit/kit v0.4.0
+	github.com/BurntSushi/toml v1.4.0
+	github.com/go-kit/kit v0.13.0
 	github.com/go-kit/log v0.2.1
-	github.com/gorilla/mux v1.6.1
-	github.com/kolide/kit v0.0.0-20180912215818-0c28f72eb2b0
-	github.com/oklog/run v1.0.0
-	github.com/pkg/errors v0.8.0
+	github.com/gorilla/mux v1.8.1
+	github.com/kolide/kit v0.0.0-20240411131714-94dd1939cf50
+	github.com/oklog/run v1.1.0
+	github.com/pkg/errors v0.9.1
+	gopkg.in/yaml.v2 v2.4.0
 )
 
-require (
-	github.com/go-logfmt/logfmt v0.5.1 // indirect
-	github.com/go-stack/stack v1.7.0 // indirect
-	github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f // indirect
-	github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515 // indirect
-	golang.org/x/net v0.23.0 // indirect
-)
+require github.com/go-logfmt/logfmt v0.6.0 // indirect

go.sum

@@ -1,22 +1,20 @@
-github.com/BurntSushi/toml v0.2.0 h1:OthAm9ZSUx4uAmn3WbPwc06nowWrByRwBsYRhbmFjBs=
-github.com/BurntSushi/toml v0.2.0/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/go-kit/kit v0.4.0 h1:KeVK+Emj3c3S4eRztFuzbFYb2BAgf2jmwDwyXEri7Lo=
-github.com/go-kit/kit v0.4.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
+github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
+github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
+github.com/go-kit/kit v0.13.0 h1:OoneCcHKHQ03LfBpoQCUfCluwd2Vt3ohz+kvbJneZAU=
+github.com/go-kit/kit v0.13.0/go.mod h1:phqEHMMUbyrCFCTgH48JueqrM3md2HcAZ8N3XE4FKDg=
 github.com/go-kit/log v0.2.1 h1:MRVx0/zhvdseW+Gza6N9rVzU/IVzaeE1SFI4raAhmBU=
 github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
-github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
-github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
-github.com/go-stack/stack v1.7.0 h1:S04+lLfST9FvL8dl4R31wVUC/paZp/WQZbLmUgWboGw=
-github.com/go-stack/stack v1.7.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
-github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f h1:9oNbS1z4rVpbnkHBdPZU4jo9bSmrLpII768arSyMFgk=
-github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
-github.com/gorilla/mux v1.6.1 h1:KOwqsTYZdeuMacU7CxjMNYEKeBvLbxW+psodrbcEa3A=
-github.com/gorilla/mux v1.6.1/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/kolide/kit v0.0.0-20180912215818-0c28f72eb2b0 h1:8UB0NJBoB/lN2O9zG9+U2klyYE0UhvN2Zrn7HBjhwNY=
-github.com/kolide/kit v0.0.0-20180912215818-0c28f72eb2b0/go.mod h1:N3Yv8okDVC/5qZhPA9uxVYRfkp4mD2vrlQiSCWlNCpg=
-github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
-github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
-github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
-github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
-golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+github.com/go-logfmt/logfmt v0.6.0 h1:wGYYu3uicYdqXVgoYbvnkrPVXkuLM1p1ifugDMEdRi4=
+github.com/go-logfmt/logfmt v0.6.0/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/kolide/kit v0.0.0-20240411131714-94dd1939cf50 h1:N7RaYBPTK5o4y2z1z8kl/G3iAeP73QCfAUH4y39GRCc=
+github.com/kolide/kit v0.0.0-20240411131714-94dd1939cf50/go.mod h1:pFbEKXFww1uqu4RRO7qCnUmQ2EIwKYRzUqpJbODNlfc=
+github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
+github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=

santa/santa.go

@@ -10,35 +10,35 @@ import (
 // Config represents the combination of the Preflight configuration and Rules
 // for a given MachineID.
 type Config struct {
-	MachineID string `toml:"machine_id,omitempty"`
+	MachineID string `yaml:"machine_id,omitempty"`
 	Preflight
-	Rules []Rule `toml:"rules"`
+	Rules []Rule `yaml:"rules"`
 }
 
 // Rule is a Santa rule.
 // Full documentation: https://github.com/google/santa/blob/01df4623c7c534568ca3d310129455ff71cc3eef/Docs/details/rules.md
 type Rule struct {
-	RuleType      RuleType `json:"rule_type" toml:"rule_type"`
-	Policy        Policy   `json:"policy" toml:"policy"`
-	Identifier    string   `json:"identifier" toml:"identifier"`
-	CustomMessage string   `json:"custom_msg,omitempty" toml:"custom_msg,omitempty"`
+	RuleType      RuleType `json:"rule_type" yaml:"rule_type"`
+	Policy        Policy   `json:"policy" yaml:"policy"`
+	Identifier    string   `json:"identifier" yaml:"identifier"`
+	CustomMessage string   `json:"custom_msg,omitempty" yaml:"custom_msg,omitempty"`
 }
 
 // Preflight represents sync response sent to a Santa client by the sync server.
 type Preflight struct {
-	EnableBundles         bool       `json:"enable_bundles" toml:"enable_bundles"`
-	EnableTransitiveRules bool       `json:"enable_transitive_rules" toml:"enable_transitive_rules"`
-	BatchSize             int        `json:"batch_size" toml:"batch_size"`
-	FullSyncInterval      int        `json:"full_sync_interval" toml:"full_sync_interval"`
-	ClientMode            ClientMode `json:"client_mode" toml:"client_mode"`
-	AllowedPathRegex      string     `json:"allowed_path_regex" toml:"allowed_path_regex"`
-	BlockedPathRegex      string     `json:"blocked_path_regex" toml:"blocked_path_regex"`
-	BlockUsbMount		  bool		 `json:"block_usb_mount" toml:"block_usb_mount"`
-	RemountUsbMode		  string	 `json:"remount_usb_mode" toml:"remount_usb_mode"`
-	SyncType			  string	 `json:"sync_type" toml:"sync_type"`
-	OverrideFileAccessAction string  `json:"override_file_access_action,omitempty" toml:"override_file_access_action"`
-	EnableAllEventUpload  bool       `json:"enable_all_event_upload" toml:"enable_all_event_upload"`
-	// CleanSync             bool       `json:"clean_sync" toml:"clean_sync"`
+	EnableBundles         bool       `json:"enable_bundles" yaml:"enable_bundles"`
+	EnableTransitiveRules bool       `json:"enable_transitive_rules" yaml:"enable_transitive_rules"`
+	BatchSize             int        `json:"batch_size" yaml:"batch_size"`
+	FullSyncInterval      int        `json:"full_sync_interval" yaml:"full_sync_interval"`
+	ClientMode            ClientMode `json:"client_mode" yaml:"client_mode"`
+	AllowedPathRegex      string     `json:"allowed_path_regex" yaml:"allowed_path_regex"`
+	BlockedPathRegex      string     `json:"blocked_path_regex" yaml:"blocked_path_regex"`
+	BlockUsbMount		  bool		 `json:"block_usb_mount" yaml:"block_usb_mount"`
+	RemountUsbMode		  string	 `json:"remount_usb_mode" yaml:"remount_usb_mode"`
+	SyncType			  string	 `json:"sync_type" yaml:"sync_type"`
+	OverrideFileAccessAction string  `json:"override_file_access_action,omitempty" yaml:"override_file_access_action"`
+	EnableAllEventUpload  bool       `json:"enable_all_event_upload" yaml:"enable_all_event_upload"`
+	// CleanSync             bool       `json:"clean_sync" yaml:"clean_sync"`
 }
 
 // A PreflightPayload represents the request sent by a santa client to the sync server.

santaconfig/config.go

@@ -7,9 +7,9 @@ import (
 	"strings"
 	"sync"
 
-	"github.com/BurntSushi/toml"
 	"github.com/groob/moroz/santa"
 	"github.com/pkg/errors"
+	"gopkg.in/yaml.v2"
 )
 
 func NewFileRepo(path string) *FileRepo {
@@ -68,7 +68,7 @@ func loadConfigs(path string) ([]santa.Config, error) {
 		if err != nil {
 			return err
 		}
-		if filepath.Ext(info.Name()) != ".toml" {
+		if filepath.Ext(info.Name()) != ".yaml" {
 			return nil
 		}
 		file, err := os.ReadFile(path)
@@ -77,7 +77,7 @@ func loadConfigs(path string) ([]santa.Config, error) {
 		}
 		if !info.IsDir() {
 			var conf santa.Config
-			err := toml.Unmarshal(file, &conf)
+			err := yaml.Unmarshal(file, &conf)
 			if err != nil {
 				return errors.Wrapf(err, "failed to decode %v, skipping \n", info.Name())
 			}